期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

对两个口令认证密钥交换协议的安全性分析 被引量:4

Cryptanalysis of two password authenticated key exchange protocols
下载PDF
导出
摘要 口令认证密钥交换协议使得仅共享低熵口令的用户可以通过不安全的信道安全地协商出高熵的会话密钥,由于实用性较强受到了密码学研究者的广泛关注。对最近在"标准模型下高效的基于口令认证密钥协商协议"一文中提出的协议以及在"基于验证元的三方口令认证密钥交换协议"一文中提出的协议进行了分析,指出这两个口令认证密钥交换协议都是不安全的,难于抵抗离线字典攻击,进一步分析了原协议设计或安全性证明中被疏忽之处。 Password authenticated key exchange protocol can be used for two parties sharing only a low-entropy password to establish high entropy shared keys.It has been extensively studied for its great application prosperity.In this paper,cryptanalysis of a protocol proposed by Shu et al. in the paper of "Provable Secure Encrypted Key Exchange Protocol under Standard Model" ,and a protocol proposed by Li et al. in the paper of "Verifier-Based Password Authenticated Key Exchange for Three Party" has been presented.Concrete off-line dictionary attacks in which an outside adversary traverses the password dictionary and verifies its guess in off-line manner are also presented.Further,the errors in the original security proof are also analyzed.
作者 胡学先 刘文芬 张振峰
机构地区 信息工程大学信息工程学院 中国科学院软件研究所信息安全国家重点实验室
出处 《计算机工程与应用》 CSCD 北大核心 2010年第18期18-20,共3页 Computer Engineering and Applications
基金 国家高技术研究发展计划(863)No.2009AA01Z417 国家自然科学基金No.60873261~~
关键词 密钥交换协议 可证明安全 口令认证 离线字典攻击 key exchange protocol provable security password authenticated off-line dictionary attack
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献15

  • 1Boyd C,Mathuria A.Protocols for authentication and key establishment[M].Berlin : Springer-Verlag, 2003 : 247-266. 被引量:1
  • 2Bellovin S M,Merritt M.Enerypted key exchange:Password based protocol secure against dictionary attack[C']//IEEE Symposium on Research in Security and Privacy, Oakland, 1992: 72-84. 被引量:1
  • 3Bellare M,Pointcheval D, Rogaway P.Authenticated key exchange secure against dictionary attacks[C]//LNCS 1807:Eurocrypt 2000. Berlin : Springer-Verlag, 2000:139-155. 被引量:1
  • 4MacKenzie P.The PAK suite:Protocols far password authenficated key exchange,Technical Report 2002-46[R/OL].DIMACS,2002-10. http://dimacs.rutgers.edu/Technic alReport s/abstract/2002/2002--46.html. 被引量:1
  • 5Katz J,Vaikuntanathan V.Smooth projective hashing and password- based authenticated key exchange from lattices[C]//LNCS 5912:Asiacrypt 2009,2009 : 636-652. 被引量:1
  • 6Canetti R,Goldreich O,Halevi S.The random oracle methodology, revisited[C]//The 30th Annual ACM Symposium on Theory of Computing, 1998 : 209-218. 被引量:1
  • 7Goldreich O,Lindell Y.Session key generation using human passwords only[C]//LNCS 2139:Crypto 2001.Berlin:Springer-Verlag,2001: 408-432. 被引量:1
  • 8Katz J,Ostrovsky R,Yung M.Practical password-authenticated key exchange provably secure under standard assumptions[C]//LNCS 2045: Eurocrypt 2001.Berlin:Springer-Verlag,2001:475-494. 被引量:1
  • 9Jiang S Q,Gong G.Password based key exchange with mutual authentication[C]//LNCS 3357:Selected Areas in Cryptography-SAC 2004.Berlin: Springer-Verlag, 2004: 267-279. 被引量:1
  • 10殷胤,李宝.标准模型下可证安全的加密密钥协商协议[J].软件学报,2007,18(2):422-429. 被引量:9

二级参考文献38

  • 1殷胤,李宝.标准模型下可证安全的加密密钥协商协议[J].软件学报,2007,18(2):422-429. 被引量:9
  • 2FENG DengGuo CHEN WeiDong.Modular approach to the design and analysis of password-based security protocols[J].Science in China(Series F),2007,50(3):381-398. 被引量:4
  • 3BELLARE M, ROGAWAY E Provably secure session key distribution-the three party case[A]. Proceedings of the 27th ACM Symposium on Theory of Computing[C]. Las Vegas: ACM, 1995.57-66. 被引量:1
  • 4CHANG C C, CHANG Y E A novel three-party encrypted key exchange protocol[J]. Computer Standards and Interfaces, 2004, 26(5): 471-476. 被引量:1
  • 5SUN H M, CHEN B C, HWANG T. Secure key agreement protocols for three-party against guessing attacks[J]. Journal of Systems and Software, 2005, 75(1-2): 63-68. 被引量:1
  • 6LEE S W, KIM H S, YOO K Y. Efficient verifier-based key agreement protocol for three parties without server's public key[J]. Applied Mathematics and Computation, 2005, 167(2): 996-1003. 被引量:1
  • 7ABDALLA M, CHEVASSUT O, FOUQUE P A, et al. A simple threshold authenticated key exchange from short secrets[A]. Proc. Asiacrypt'05[C]. Chennai, India, 2005. 566-584. 被引量:1
  • 8KWON J O, JEONG I R, SAKURAI K, et al. Efficient verifier-based password-authenticated key exchange in the three-party setting[J]. Computer Standards and Interfaces, 2007. 513-520. 被引量:1
  • 9LEE S W, KIM H S, YOO K Y. Improvement of Lee and Lee's authenticated key agreement scheme[J]. Applied Mathematics and Computation, 2005, 162(3): 1049-1053. 被引量:1
  • 10KWON J O, HWANG J Y, KIM C W, et al. Cryptanalysis of Lee-Kim-Yoo password- based key agreement scheme[J]. Applied Mathematics and Computation, 2005, 168(2): 858-865. 被引量:1

共引文献28

同被引文献18

  • 1Bellovin S M, Merritt M. Encrypted Key Exchange: Password-Based Protocols Secure against Dictionary Attacks [ C ]//IEEE Computer So- ciety Symposium on Research in Security and Privacy, Oakland, CA, USA, 1992:72 - 84. 被引量:1
  • 2Jonathan K, Rafail O, Moti Y. Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords [ C ]//Proceedings of the International Conference on the Theory and Application of Crypto- graphic Techniques: Advances in Cryptology, Innsbruck, Austria, 2001:475 - 494. 被引量:1
  • 3Philip D M, Pate S, Swaminathan R. Password-Authenticated Key Exchange Based on RSA [ C ]//Proceedings of the 6th International Con- ference on the Theory and Application of Cryptology and Information Security : Advances in Cryptology, Kyoto, Japan, 2000:599 - 613. 被引量:1
  • 4Jiang S Q, Gong G. Password based key exchange with mutual authen- tication[C]//Proceedings of SAC 2004, Nicosia, Cyprus, LNCS 3357 : 267 - 279. 被引量:1
  • 5Malika Izabachene, David Pointcheval. New Anonymity Notions for Identity-Based Encryption [ C]//SCN, 2008, LNCS, 5229, 375- 391 ,Sringer-Verlag, 2009. 被引量:1
  • 6Bellovin S M,Merritt M.Encrypted Key Exchange:Password-Based Protocols Secure against Dictionary At-tacks[C].IEEE Computer Society Symposium on Research in Security and Privacy,Oakland,CA,USA,1992:72-84. 被引量:1
  • 7Bellare M,Pointcheval D,Rogaway P.Authenticated Key Exchange Secure against Dictionary Attacks[C].Advances in Cryptology-EUROCRYPT'00,Brugge,Belgium,2000:139-155. 被引量:1
  • 8Boyko V,Mackenzie P,Patel S.Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman[C].Advances in Cryptology-EUROCRYPT'00,Bruges,Belgium,2000:156-171. 被引量:1
  • 9Jonathan K,Rafail 0,Moti Y.Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords[C].Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques:Advances in Cryptology,Innsbruck,Austria,2001:475-494. 被引量:1
  • 10Malika Izabachene,David Pointcheval.New Anonymity Notions for Identity-Based Encryption[C].SCN,2008,LNCS,5229,375-391,Sringer-Verlag,2009. 被引量:1

引证文献4

计算机工程与应用
2010年 第18期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部